|
|
|
|
|
| Posted By: |
SecurityTube_Bot
|
| Posted On: |
Mon 21 Feb 2011 |
| Views: |
8024 |
| Share this video: |
|
| Support SecurityTube:
|
|
|
Description: In this video, Jesse Varsalone from Offensive Security demonstrates how to hack a Vista box using Backtrack. For this demo physical access to the Vista box will be required. Jesse boots into Backtrack and mounts the Vista drive in write mode. He then replaces the Windows Utility Manager program utilman.exe with cmd.exe ( command shell ). It is important to note that utilman.exe is protected by the Windows File Protection (WPF) feature and thus cannot be replaced while Vista is running. Once utilman.exe has been replaced, Jesse boots into Vista. On coming to the login prompt, he presses the windows key and the "U" key together to launch utilman.exe, which now is our command shell, cmd.exe. This command shell session has system level privileges. We now run the Explorer.exe program to launch the desktop and associated programs.
This demo goes to show, how easy it is to subvert security once you have physical access. The original video is available here.
